Saturday, April 9, 2016

Cryptography 1

Overview:
Q. Threat
A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm. That is, a threat is a possible danger that might exploit a vulnerability.
Q. Attack
An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system.
Q. What is OSI security architecture?
The Open Systems Interconnection (OSI) architecture provides a systematic framework for defining security attacks, mechanisms, and services.
Q. What is the difference between passive and active security threats?
A passive attack attempts to learn or make use of information from the system but does not affect system resources. An active attack attempts to alter system resources or affect their operation.
Q. List and briefly define categories of passive and active security attacks?
Passive Attacks:
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted.
a) Release of message content: The opponent reads the contents of messages transmitted between two or more users. The messages may be sent as email, as files, or in any other electronic form.
b) Traffic analysis: The opponent observes the pattern of messages between two or more users. This is subtler.
Active Attacks:
a) Masquerade: It takes place when one entity pretends to be a different entity. A masquerade attack usually includes one of the other forms of active attack.
b) Replay: It involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.
c) Modification of messages: It simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.
d) Denial of service: It prevents or inhibits the normal use or management of communications facilities. This attack may have a specific target.
Q. List and briefly define categories of security services?
X.800 and RFC 2828 define security services in their own ways. We can say that security services provide protection of system resources and data transmission, and implementation of security policies and mechanisms.
X.800 divides security services into five categories and fourteen specific services.
i) Authentication: The assurance that the communicating entity is the one that it claims to be.
    a) Peer entity authentication
    b) Data-origin authentication
ii) Access control: The prevention of unauthorized use of a resource.
iii) Data confidentiality: The protection of data from unauthorized disclosure.
    a) Connection confidentiality
    b) Connectionless confidentiality
    c) Selective field confidentiality
    d) Traffic flow confidentiality
iv) Data integrity: The assurance that data received are exactly as sent by an authorized entity.
    a) Connection integrity with recovery
    b) Connection integrity without recovery
    c) Selective field connection integrity
    d) Connectionless integrity
    e) Selective field connectionless integrity
v) Nonrepudiation: Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.
    a) Nonrepudiation, Origin
    b) Nonrepudiation, Destination
Q. List and briefly define categories of security mechanisms?
The security mechanisms defined in X.800 are listed below:
Specific security mechanisms:
1) Encipherment: The use of mathematical algorithms to transform data into a form that is not readily intelligible.

2) Digital signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.

3) Access control: A variety of mechanisms that enforce access rights to resources.

4) Data integrity: A variety of mechanisms used to assure the integrity of a data unit or stream of data units.

5) Authentication exchange: A mechanism intended to ensure the identity of an entity by means of information exchange.

6) Traffic padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.

7) Routing control: Enables selection of particular physically secure routes for certain data and allows routing changes, especially when a breach of security is suspected.

8) Notarization: The use of a trusted third party to assure certain properties of a data exchange.

Tuesday, March 29, 2016

Chip-Off Forensic


About Chip-Off Forensics:
Chip-off forensics is an advanced digital data recovery and analysis technique which involves physically removing flash memory chip(s) from a subject device and then acquiring the raw data using specialized equipment. Chip-off forensics is a powerful capability that allows Binary Intelligence to collect a complete physical image of nearly any device – even those which have suffered catastrophic damage.
Techniques to Chip-off:
Step 1 – the memory chip is physically removed. This is accomplished using appropriate heat (de-soldering) and chemicals (adhesive removal).
Step 2 – the chip is cleaned and repaired (or re-balled) as necessary.
Step 3 – the raw data is acquired or “imaged” from the chip using specialized chip programmers and adapters.
Step 4 – the raw forensic image is then analyzed using industry standard forensic tools and custom utilities.
Note: It is very special, because you don't have any idea about your smartphone & flash memory (pen drive).
You don't know whether the manufacturer has already installed a keylogger/spyware in your electronic devices. Do you think they are trusted? No, never.

JTAG Forensics



What is JTAG forensics?
JTAG (Joint Test Action Group) forensics is an advanced data acquisition technique which involves connecting to Test Access Ports (TAPs) on a device and instructing the processor to transfer the raw data stored on connected memory chips. When supported, JTAG is an extremely effective technique that Binary Intelligence utilizes to extract a full physical image from devices that cannot be acquired with normal tools.
When is it appropriate to JTAG an evidence device?
When commercial forensic extraction options cannot acquire a physical image or when a device is logically damaged or “bricked”. The majority of our JTAG engagements involve Android phones which are pattern locked and cannot be bypassed by other means. We also regularly JTAG prepaid cell phone models (such as TracFone, Net10 and Virgin) which have their data ports intentionally disabled by the carrier.
What are the basic steps of a JTAG forensic examination?
Step 1 – identify TAPs by researching documented devices. When TAPs are unknown, inspect the device PCB for potential TAPs and manually trace or probe to pinpoint appropriate connector pins.
Step 2 – solder wire leads to the correct connector pins or utilize a solderless jig.
Step 3 – connect wire leads to an appropriate JTAG emulator with support for the exhibit device.
Step 4 – read the flash memory after selecting the appropriate device profile or manually configuring the correct processor/memory settings.
Step 5 – analyze the extracted data using industry standard forensic tools and custom utilities.
What type of devices can be extracted with the JTAG process?
Like chip-offs, the majority of our JTAG engagements involve cellular phones; however, forensic jtagging can be employed with any device that contains embedded flash memory, a supported processor and has working TAPs. In addition to cell phones, the JTAG method can commonly be used to extract data from video gaming systems, tablets and network devices.
Here are some actual case examples involving JTAG forensic examinations:
·         Workplace harassment: in support of a corporate employee relations investigation, a JTAG extraction was performed on a standard GSM phone which had only limited commercial forensic tool support (file-system only). Important deleted SMS text messages, call logs and pictures were identified by searching the memory image.

·         Homicide: a basic prepaid “throw down” phone with a disabled data port was acquired via JTAG and several threatening text messages were recovered from unallocated portions of the physical memory image.

·         Suicide: the family of a suicide victim desired access to a pattern locked Android phone. A JTAG extraction was completed and the appropriate unlock pattern was extracted and provided.

Wednesday, March 9, 2016

Training on Cyber Security & Ethical Hacking


Lecture # 1 - Introduction to Cyber Security & Ethical Hacking
Lecture # 2 - Introduction to Hacking, IP Addresses, IP Enumeration, Finding out IP Addresses, Image Tracking, File Tracking, Tracing an IP Address and Tracing a Mobile Phone
Lecture # 3 - NAT, Internal VS External IP Addresses, IP Address Hiding, Perfect Cyber Crime, Proxy Server, Unblocking Websites, People Hacking, VPN and HTTP Tunneling
Lecture # 4 - Network Reconnaissance & Information Gathering
Lecture # 5 - Network Reconnaissance & Information Gathering Part 2
Lecture # 6 - Network Reconnaissance & Information Gathering Part 3
Lecture # 7 - Trojans, Keyloggers and Spyware Attacks
Lecture # 8 - Password Cracking Attacks Part 1
Lecture # 9 - Password Cracking Attacks Part 2
Lecture # 10 - DOS Attacks, Distributed DOS Attacks, Data Encryption, Data Hiding and Steganography - Part 1
Lecture # 11 - Steganography - Part 2, Phishing Attacks, Link Manipulation Attacks & Open Redirection Attacks
Lecture # 12 - Cross Site Scripting Attacks, Cookie Stealing and Session Hijacking
Lecture # 13 - 25 Attacks with Backtrack
Lecture # 14 - Wi-Fi Hacking - Part 1
Lecture # 15 - Wi-Fi Hacking - Part 2
Lecture # 16 - Reverse & Bind Shell Attacks
Lecture # 17 - Social Engineering Toolkit Attacks
Lecture # 18 - Kali and POS Hacking
Lecture # 19 - Honeypots & Computer Forensics
Lecture # 20 - ARP Poisoning
Lecture # 21 - SQL Injection and Q&A Session, Hands-on Workshop & Q&A - LIVE

Cyber Security


About Cyber Security:
Learn the latest computer security tools, techniques & methods related to Ethical Hacking from us and open various career opportunities for yourself! 

Nowadays it is the most important topic in daily life for personal security and national security.

You must learn:
First Step:
Who is a Hacker? 
What will you learn in the AFCEH Course?
 
The Anatomy of an IP Address
 
The Anatomy of an IP Address Part 2
 
Enumerating Remote Systems
 
Hiding Your IP Address
 
Tracing an IP Address
 
Network Address Translation
 
Internal VS External IP Addresses
 
Internal VS External IP Addresses DEMO
 
MAC Addresses
 
MAC Addresses DEMO
 
MAC Addresses Spoofing
 
MAC Addresses Spoofing DEMO
 
How to find the Remote Computer's MAC Address?
 
How to find the Remote Computer's MAC Address? DEMO
 
Changing your MAC Address
 
Fport
 
Fport DEMO
 
Proxy Servers
 
Proxy Servers Part 2
 
Proxy Bouncing
 
Proxy Bouncing Part 2
 
Tor: Anonymity Online
 
HACKING DEMO: tor
 
Hacking File Hosting Websites
 
Bypassing the Ads & Multiple Links
 
HACKING DEMO: Bypassing the Ads & Multiple Links
 
Bypassing the Download Wait Countdown
 
Bypassing the Download Limit
 
Shortened URL Vulnerabilities
 
Introduction
 
Threats
 
Previewing a Shortened URL
 
HACKING DEMO: Shortened URL Vulnerabilities
 
Network Reconnaissance
 
Ping sweeping
 
Traceroute
 
WHOIS
 
Reverse DNS Lookups
 
The Hosts File
 
The Hosts File Part 2
 
Netcat
Netcat Demo 
NCat
 
HACKING DEMO: Ncat
 
Port Scanning
 
Daemon Banner Grabbing
 
Scanline
 
Scanline Demo
 
Lab Session 1  

Second Step:

ICMP Scanning 
OS Fingerprinting
 
Firewall Enumeration
 
Zenmap
 
Zenmap Demo
 
Detection-Screen Cap
 
Passive Fingerprinting with P0f
 
Passive Fingerprinting with P0f Demo
 
Web Server Fingerprinting
 
Web Server Fingerprinting Demo
 
Avoid OS Detection: Change Default Values
 
Avoid OS Detection: Change Default Values Demo
 
Packet Generation
 
Packet Generation Demo
 
Packet Generator: Nping
 
HACKING DEMO: Nping
 
Conclusion - Information Gathering
 
Email Forging
 
EMail Spoofing Part 2
 
DOS Attacks
 
Reflective DDOS Attacks
 
Password Cracking Attacks
 
Password Cracking Attacks Part 2
 
Cracking Saved Passwords in Browsers
 
Introduction
 
Google Chrome
 
Firefox Mozilla
 
Internet Explorer
 
Tools
 
HACKING DEMO: Cracking Saved Passwords in Browsers
 
Countermeasures
 
Password Managers
 
Introduction
 
KeePassX
 
HACKING DEMO: Using KeePassX
 
LastPass
 
ClipperZ
 
KeePass.info
 
Vulnerabilities
 
Intellectual Property Theft
 
Sniffers
 
Keyloggers
 
Trojans
 
EXE Binders
EXE Binders Part 2 
Social Engineering Attacks
 
TCP/IP: A Mammoth Description
 
Firewall Tunneling using SSH & Putty
 
Introduction
 
Steps to Follow
 
Unblocking P2P File Sharing tools using SSH & Putty
 
Unblocking P2P File Sharing tools Other Techniques
 
HACKING DEMO: Various ways to Unblock P2P File Sharing Tools
 
Hacking Windows
 
Introduction
 
Passwords
 
The Look and Feel
 
Security Checklists
 
HTTP Tunneling
 
Introduction
 
How it Works
 
Tools of Trade
 
HACKING DEMO: HTTP Tunneling
 
Email Hacking
 
Tracing Emails
 
Email Forging
 
The Post Office Protocol (POP)
 
Mailbombing
 
Cracking Email Accounts
 
Securing Email
 
Port Forwarding
 
Introduction
 
How it Works
 
Configuring the Router
 
PortForward.com
 
DynDNS
 
Source Port Forwarding Using fpipe
 
Port Forwarding VS Port Triggering
 
Lab Session 2
 

Third Step:

Identity Thefts 
Input Validation Attacks
 
SQL Injection
 
IP Spoofing
 
Cross Site Scripting Attacks
 
Misuse of Hidden HTML tags
 
Canonicalization Attacks
 
HTTP Response Splitting
 
Web Hacking
 
Buffer Overflows
 
Passive Sniffing Attacks
 
HACKING DEMO: Passive Sniffing Attacks
 
What is a Switch?
 
What is a Hub?
 
Router VS Hub VS Switch
 
Introduction
 
Countermeasures
 
Active Sniffing Attacks
 
ARP Poisoning Attack 
HACKING DEMO: ARP Poisoning Attacks
 
MAC Flooding Attack
 
HACKING DEMO: MAC Flooding Attack
 
MAC Duplication Attack
 
Playing with ARP Tables
 
Countermeasures
 
HACKING DEMO: Countermeasures
 
Social Networking Websites Security
 
Windows 7 & Windows Vista Offline Password Cracking
 
Windows 7 & Windows Vista Offline Password Cracking Demo
 
Windows 7 & Windows Vista Bypassing Login Prompt
 
Windows 7 & Windows Vista Bypassing Login Prompt Demo
 
Windows 7 & Windows Vista Online Password Cracking
 
CAPTCHA
 
Introduction
 
A Good CAPTCHA System
 
reCAPTCHA
 
Mail Hide from reCAPTCHA
 
HACKING DEMO: reCAPTCHA and Mail Hide
 
Cracking CAPTCHA
 
Cracking MegaUpload.com's Captcha
 
HACKING DEMO: Cracking MegaUpload.com's Captcha
 
Future Trends
 
GreaseMonkey Scripts
 
My Favorite Facebook Scripts
 
My Favorite Youtube Scripts
 
My Favorite Twitter Scripts
 
Tab Napping
 
Introduction
 
Threats
 
Steps Involved
 
HACKING DEMO: Tab Napping
 
DNS Attacks
 
Introduction
 
Tools
 
HACKING DEMO: DNS Tools
 
DNS Poisoning Sniffing ID Attack
 
DNS Cache Poisoning Birthday Paradox
 
DNS Cache Poisoning Birthday Attack
 
Modern Day DNS Attacks: Search Engines
 
Modern Day DNS Attacks: Fat Fingers Attack
 
Modern Day DNS Attacks: Domain Hijacking
 
HACKING DEMO: Modern Day DNS Attacks
 
Modification on User Computers
 
HACKING DEMO: Modification on User Computers
 
Accessing Blocked Websites using Public DNS Systems
 
HACKING DEMO: Accessing Blocked Websites using Public DNS Systems
 
Countermeasures
 
HACKING DEMO: FCrDNS
 
Lab Session 3

Fourth Step:

Encryption: Protecting Your Files 
Meet in the Middle Attack
 
Introduction
 
The Attack
 
Shell Accounts
 
Shell Accounts Part 2
 
USB Hacking: Linux on the Move
 
Undeleting Deleted Data
 
Undeleting Deleted Data Part 2
 
Permanently Removing Data: Eraser
 
Tripwire
 
Sysinternals
 
Task Kill Attack
 
Shoulder Surfing
 
Dumpster Diving
 
Road Sign Hacking
 
Steganography
 
Steganography Part 2
 
Watermarking
 
Steganalysis
 
Wireless Hacking
 
Introduction to Wireless Networks
 
Setting up a Wireless Network
 
Wireless Security
 
Poisoned Hotspots
 
Important Terminology
 
War Driving
 
War Driving: How does it work?
 
War Driving Tools
 
HACKING DEMO: War Driving Tools
 
War Driving & GPS Mapping
 
Finding WiFi Hotspots on the Internet
 
HACKING DEMO: Finding WiFi Hotspots on the Internet
 
Locating WiFi Hotspots on your iPhone/iTouch/iPad
 

Re-Association Requests
 
De-Authentication Attacks
 
Countermeasures against War Driving
 
Wireless Data Sniffers
 
HACKING DEMO: Wireless Data Sniffers
 
How are Wireless Connections Established?
 
MAC Filtering Attacks
 
DOS Attacks against Wireless Networks
 
WEP Security Loopholes
 
Cracking WEP, WPA, WPA2: Tools
 
ARP Request Relay Attack
 
Fake Authentication Attack
 
Cracking WEP Keys
 
Caffe Latte Attack
 
Improvements in WPA over WEP
 
Cracking WPA & WPA2
 
Recovering WEP & WPA Keys from Local Machine
 
HACKING DEMO: Recovering WEP & WPA Keys from Local Machine
 
Computer Forensics
 
Honeypots
 
Batch File Programming
Viruses Torn Apart 
Penetration Testing & Vulnerability Assessment
 
Penetration Testing & Vulnerability Assessment Part 2
 
Investigating Cyber Crimes
 
Intrusion Detection Systems
 
Intrusion Prevention Systems
 
Bluetooth Security: Hacking Mobile Phones
 
Software Hacking
 
Protecting CDs and DVDs
 
Backtrack
 
Lab Session 4

Happy Practices.